(57) Abstract

A scalable, distributed, highly available, load balancing server system having multiple machines is provided that functions as a
front server layer between a network (such as the Internet) and a back-end server layer having multiple machines functioning as Web file
servers, FTP servers, or other application servers. The front layer machines comprise a server cluster that performs fail-over and dynamic
load balancing for both server layers. The operation of the servers on both layers is monitored, and when a server failure at either layer
is detected, the system automatically shifts network traffic from the failed machine to one or more operational machines, reconfiguring
front-layer servers as needed without interrupting operation of the server system. The server system automatically accommodates additional
machines in the server cluster, without service interruption. The system operates with a dynamic reconfiguration protocol that permits
reassignment of network addresses to the front layer machines. The front layer machines perform their operations without breaking network
communications between clients and servers, and without rebooting of computers.

CLAIMS

We claim:

1. A data traffic controller for a computer network, the controller comprising:

a network interface that permits communication between the traffic controller and a
subnet over which network data is sent and received; and

a distributed gateway application that dynamically determines network data traffic
address assignments from multiple primary network addresses to multiple virtual network
addresses to send network data to an intended host on the subnet, wherein network data
intended for a host on the subnet is addressed to one of the virtual network addresses.

2. A method of controlling data traffic for a computer network through a traffic
controller computer, wherein the data traffic is received through a network interface that
permits communication between the traffic controller and a subnet over which network data
is sent and received, the method comprising:

receiving network data intended for a host on the subnet at a data traffic controller,
wherein the network data is addressed to one of a plurality of virtual network addresses that
are on the subnet and are associated with one or more primary network addresses; and

dynamically determining network data traffic address assignments from multiple
primary network addresses to multiple virtual network addresses to send network data to an
intended host on the subnet.

3. A method of operating a server computer for controlling data traffic of a
computer network, the method comprising:

receiving network data traffic through a network interface that permits
communication between the server computer and other computers;

communicating with a plurality of server computers that are all members of a first
subnet of network addresses over which network data is sent and received, comprising a front
layer of servers, wherein the communication includes state sharing information with a
dynamic reconfiguration protocol that permits reassignment of network addresses among the
front layer servers and specifies state information sharing and load information sharing
among the front layer servers; and

communicating with a plurality of network computers that are members of a second
subnet of network addresses to send and receive network data traffic.

4. A method as defined in claim 3, wherein communicating with a plurality of
server computers comprises sending data using a Reliable Message layer scheme that
comprises a token data packet and one or more data carriage packets, wherein the token data
packet specifies the number of data carriage packets that together comprise a Reliable
Message packet and wherein the data carriage packets include data relating to state
information and data traffic load information about each of the front layer servers.

5. A method as defined in claim 3, further comprising:

receiving network data traffic;

determining if the data traffic is associated with a previous network communication
session of an original server computer of the first subnet, prior to a network address
reassignment for the original server computer;

responding to data traffic not associated with a previous network communications
session of an original server computer by processing the data traffic; and

responding to data traffic that is associated with a previous network communication
session with an original server computer by checking a record of network address
assignments and identifying the original server computer associated with the previous
network communications session and forwarding the data traffic to the identified original
server computer.

6. A method as defined in claim 3, wherein communicating with server
computers of the first subnet further includes performing a network address translation
comprising:

receiving data traffic for a pool of virtual network addresses serviced by the server
computers of the first subnet;

determining that the received data traffic includes a data packet intended for a port
connection at a different server computer of the first subnet; and

identifying a computer port assignment of the different server computer in the first
subnet for which the data traffic is intended and performing an address translation function to
route the data packet to the different server computer.

7. A method as defined in claim 6, wherein determining a port connection of the
received data traffic comprises determining that the data packet relates to a port connection
that is not in a list of port connections, and wherein identifying a port assignment comprises
receiving a synchronization message update containing port assignment information that
permits identification of the different server computer to which the port is assigned.

8. A method as defined in claim 3, further including:

receiving cluster configuration information for operation of the server computer and
adapting operation accordingly; and

communicating the cluster configuration information to the other server computers of
the first subnet such that the other server computers adapt their operation accordingly.

9. A method as defined in claim 3, further comprising:

receiving data traffic comprising a request for a data file;

sending a data packet with the request information to a computer of the second
subnet;

storing header information for the data request;

receiving data packets of the requested data file from the second subnet computer and
forwarding the data packets to the requesting computer;

maintaining state data on the client communications session, including the number of
data packets sent to the requesting computer;

detecting a failure of the second subnet computer and in response identifying a
replacement second subnet computer from which the requested data is available; and

sending a request for the requested data to the replacement second subnet computer,
such that the request is for data beginning subsequent to the data packets already forwarded
to the requesting computer.

10. A method as defined in claim 3, further including:

configuring an operating system of the server computer such that all network
addresses in a pool of addresses assigned to the server computers of the first subnet are
assigned to the server computer;

generating a gratuitous address resolution protocol (ARP) message in response to an
address reassignment of the server computer and communicating the ARP message to the
other server computers of the first subnet;

blocking the sending of an ARP acknowledgment message to the other server
computers of the first subnet for any received gratuitous ARP message, thereby inhibiting
reboot operation of the respective server computers and ensuring that each server computer is
unaware of any duplicate assignment of network address numbers.

11. A method as defined in claim 3, further including operating as an authoritative
node of the first subnet to ensure symmetric routing of network data traffic to and from the
first subnet.

12. A method as defined in claim 11, wherein operating to ensure symmetric
traffic routing comprises:

receiving a data request from a responding server computer of the first subnet,
wherein the data request was initially received at the responding server computer, which
determined the authoritative node for responding to the data request;

identifying a server computer in the first subnet that will handle the data traffic
associated with the data request and forwarding the data request to the identified server
computer for handling;

receiving a reply message from a server computer of the first subnet that is operating
as a default reply node to a second subnet computer that is responding to the data request;
and

forwarding the reply message to a server computer of the first subnet that will ensure
symmetric routing of the data request and reply message with respect to the server computers
of the first subnet.

13. A method as defined in claim 12, further comprising forwarding assignment
information to the server computer of the first subnet that was operating as the default reply
node for the data request, wherein the assignment information includes forwarding
information that the default reply node can use to directly forward response messages from
the second subnet computer to the first subnet computer that will ensure symmetric routing.

14. A method as defined in claim 3, wherein the computers of the second subnet 
comprise application servers. 

15. A method as defined in claim 3, wherein the network over which data traffic is
received comprises the Internet.

16. A method as defined in claim 15, wherein the network data traffic includes
requests for data files.

17. A method as defined in claim 16, wherein the data files comprise Web pages.

18. A program product for use in a computer that executes program steps recorded
in a computer-readable media to perform a method of operating the computer for controlling
data traffic of a computer network, the program product comprising:

a recordable media;

computer-readable instructions recorded on the recordable media, comprising
instructions executable by the computer to perform a method comprising:

receiving network data traffic through a network interface that permits
communication between the server computer and other computers;

communicating with a plurality of server computers that are all members of a first
subnet of network addresses over which network data is sent and received, comprising a front
layer of servers, wherein the communication includes state sharing information with a
dynamic reconfiguration protocol that permits reassignment of network addresses among the
front layer servers and specifies state information sharing and load information sharing
among the front layer servers; and

communicating with a plurality of network computers that are members of a second
subnet of network addresses to send and receive network data traffic.

19. A program product as defined in claim 18, wherein communicating with a
plurality of server computers comprises sending data using a Reliable Message layer scheme
that comprises a token data packet and one or more data carriage packets, wherein the token
data packet specifies the number of data carriage packets that together comprise a Reliable
Message packet and wherein the data carriage packets include data relating to state
information and data traffic load information about each of the front layer servers.

20. A program product as defined in claim 18, wherein the performed method
further comprises:

receiving network data traffic;

determining if the data traffic is associated with a previous network communication
session of an original server computer of the first subnet, prior to a network address
reassignment for the original server computer;

responding to data traffic not associated with a previous network communications
session of an original server computer by processing the data traffic; and

responding to data traffic that is associated with a previous network communication
session with an original server computer by checking a record of network address
assignments and identifying the original server computer associated with the previous
network communications session and forwarding the data traffic to the identified original
server computer.



21. A program product as defined in claim 18, wherein communicating with
server computers of the first subnet further includes performing a network address translation
comprising:

receiving data traffic for a pool of virtual network addresses serviced by the server
computers of the first subnet;

determining that the received data traffic includes a data packet intended for a port
connection at a different server computer of the first subnet; and

identifying a computer port assignment of the different server computer in the first
subnet for which the data traffic is intended and performing an address translation function to
route the data packet to the different server computer.

22. A program product as defined in claim 21, wherein determining a port
connection of the received data traffic comprises determining that the data packet relates to a
port connection that is not in a list of port connections, and wherein identifying a port
assignment comprises receiving a synchronization message update containing port
assignment information that permits identification of the different server computer to which
the port is assigned.

23. A program product as defined in claim 18, wherein the performed method
further includes:

receiving cluster configuration information for operation of the server computer and
adapting operation accordingly; and

communicating the cluster configuration information to the other server computers of
the first subnet such that the other server computers adapt their operation accordingly.

24. A program product as defined in claim 18, wherein the performed method
further comprises:

receiving data traffic comprising a request for a data file;

sending a data packet with the request information to a computer of the second
subnet;

storing header information for the data request;

receiving data packets of the requested data file from the second subnet computer and
forwarding the data packets to the requesting computer;

maintaining state data on the client communications session, including the number of
data packets sent to the requesting computer;

detecting a failure of the second subnet computer and in response identifying a
replacement second subnet computer from which the requested data is available; and

sending a request for the requested data to the replacement second subnet computer,
such that the request is for data beginning subsequent to the data packets already forwarded
to the requesting computer.

25. A program product as defined in claim 18, wherein the performed method
further includes:

configuring an operating system of the server computer such that all network
addresses in a pool of addresses assigned to the server computers of the first subnet are
assigned to the server computer;

generating a gratuitous address resolution protocol (ARP) message in response to an
address reassignment of the server computer, and communicating the ARP message to the
other server computers of the first subnet;

blocking the sending of an ARP acknowledgment message to the other server
computers of the first subnet for any received gratuitous ARP message, thereby inhibiting
reboot operation of the respective server computers and ensuring that each server computer is
unaware of any duplicate assignment of network address numbers.

26. A program product as defined in claim 18, wherein the performed method
further includes operating as an authoritative node of the first subnet to ensure symmetric
routing of network data traffic to and from the first subnet.

27. A program product as defined in claim 26, wherein operating to ensure
symmetric traffic routing comprises:

receiving a data request from a responding server computer of the first subnet,
wherein the data request was initially received at the responding server computer, which
determined the authoritative node for responding to the data request;

identifying a server computer in the first subnet that will handle the data traffic
associated with the data request and forwarding the data request to the identified server
computer for handling;

receiving a reply message from a server computer of the first subnet that is operating
as a default reply node to a second subnet computer that is responding to the data request;
and

forwarding the reply message to a server computer of the first subnet that will ensure
symmetric routing of the data request and reply message with respect to the server computers
of the first subnet.

28. A program product as defined in claim 27, wherein the performed method
further comprises forwarding assignment information to the server computer of the first
subnet that was operating as the default reply node for the data request, wherein the
assignment information includes forwarding information that the default reply node can use
to directly forward response messages from the second subnet computer to the first subnet
computer that will ensure symmetric routing.

29. A program product as defined in claim 18, wherein the computers of the
second subnet comprise application servers.

30. A network server computer comprising:

a network interface that permits communication between the server computer and
other computers;

a distributed server application executed by the server computer that thereby permits
the server computer to communicate with a plurality of server computers that are all members
of a first subnet of network addresses over which network data is sent and received,
comprising a front layer of servers, wherein the communication includes state sharing
information with a dynamic reconfiguration protocol that permits reassignment of network
addresses among the front layer servers and specifies state information sharing and load
information sharing among the front layer servers, and permits the server computer to
communicate with a plurality of network computers that are members of a second subnet of
network addresses to send and receive network data traffic.
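
Claims 9 and 24 describe a front-layer server that counts the packets it has forwarded and, when the back-end server fails, asks a replacement only for the data that follows. The model below is an added example, not part of the patent text. Its class and function names, the in-memory packet lists and the content-digest check (which keeps the transfer from resuming on a replica that holds a different copy of the file) are all assumptions.

```python
# Added illustration of claims 9 and 24; every name here is hypothetical.
import hashlib
from dataclasses import dataclass


class BackendDown(Exception):
    """Raised when a second-subnet (back-end) server stops responding."""


@dataclass
class Backend:
    name: str
    packets: list          # the requested file, already split into packets
    fail_after: int = -1   # constructed fault: fail once this many packets are served
    served: int = 0

    def digest(self) -> str:
        # Assumption (not in the claims): replicas expose a content digest.
        return hashlib.sha256(b"".join(self.packets)).hexdigest()

    def fetch(self, start: int):
        """Yield the file's packets beginning at packet index `start`."""
        for pkt in self.packets[start:]:
            if self.served == self.fail_after:
                raise BackendDown(self.name)
            self.served += 1
            yield pkt


@dataclass
class Session:
    header: dict           # stored header information for the data request
    digest: str = ""       # digest of the copy the forwarded packets came from
    sent: int = 0          # number of data packets forwarded to the client


def serve(header: dict, backends: list, client: list) -> Session:
    """Forward a file to `client`, resuming on a replacement after a failure."""
    session = Session(header=dict(header))
    for backend in backends:
        if session.sent and backend.digest() != session.digest:
            continue       # a different copy would splice two files together
        session.digest = backend.digest()
        try:
            # Request only the data subsequent to the packets already forwarded.
            for pkt in backend.fetch(session.sent):
                client.append(pkt)
                session.sent += 1
            return session
        except BackendDown:
            continue       # failure detected: move on to a replacement
    raise RuntimeError("no back-end server could complete the request")


def demo():
    file_packets = [b"AA", b"BB", b"CC", b"DD"]   # constructed sample file
    primary = Backend("primary", list(file_packets), fail_after=2)
    stale = Backend("stale", [b"AA", b"XX", b"YY", b"ZZ"])   # different copy
    replica = Backend("replica", list(file_packets))
    client = []
    session = serve({"path": "/index.html"}, [primary, stale, replica], client)
    return client, session.sent, (primary.served, stale.served, replica.served)
```

In `demo()` the primary fails after two packets, the stale replica is skipped, and the matching replica supplies only the last two packets.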